Mikaela
/
shell-things
mirror of https://gitea.blesmrt.net/mikaela/shell-things.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
2,222 Commits 1 Branch 0 Tags 5.8 MiB
Commit Graph

645 Commits

Author SHA1 Message Date
Aminda Suomalainen 5211fb772c
sshd_config.d: add anoncvs.conf 2021-01-30 21:00:06 +02:00
Aminda Suomalainen de3a0739b4
sshd_config.d: add mikaela-prohibit-password.conf 
Resolves: #88
 2021-01-30 20:50:21 +02:00
Aminda Suomalainen a7c643bb7a
etc/sshd_config.d: add basic-security.conf 
Ref: 88
 2021-01-30 20:47:21 +02:00
Aminda Suomalainen 8628ec28e0
yum.repos.d: add Dino 2021-01-30 11:01:17 +02:00
Aminda Suomalainen 84ee7aeada
yum.repos.d: list Keybase too 2021-01-29 19:18:11 +02:00
Aminda Suomalainen 27d1914424
etc: add dnf/dnf.conf & yum.repos.d/README.md 2021-01-29 19:15:08 +02:00
Aminda Suomalainen 81296a241c
chrony: cut chrony.d/ into conf.d/ and sources.d/ 
I hope these are wider defaults than just Debian and allow me to not
conflit with package manager, but regardless having a separate
sources.d/ looks like a good idea for being able to `chronyc reload sources`
 2021-01-29 12:56:38 +02:00
Aminda Suomalainen fc0730d7a5
sudoers.d/protonvpn.conf: add /usr/bin/protonvpn 2021-01-28 13:13:28 +02:00
Aminda Suomalainen 16b19fb34d
torrc-client: add etro.mikaela.info 2021-01-26 19:42:25 +02:00
Aminda Suomalainen 6216d8cda3
sudoers.d: add passwordless protonvpn-{tray,gui} 2021-01-16 20:40:21 +02:00
Aminda Suomalainen 2df7aed162
chrony/yggdrasil: add comment & Kotka computers 2021-01-08 11:25:16 +02:00
Mikaela Suomalainen 0f94c59b81
chrony: add hetzner srevers 2020-12-19 13:03:54 +02:00
Aminda Suomalainen abb0c37ef2
unbound.conf.d: add yggdrasil-override.conf 
Begins #89 at a better time
 2020-12-15 20:34:01 +02:00
Aminda Suomalainen b26c9f698d
chrony/yggdrasil: add Etro 2020-12-15 14:30:30 +02:00
Aminda Suomalainen b20f3367b1
systemd/yggdrasil: add mullvad-exclude (& fix chrony override typo) 2020-12-09 09:38:49 +02:00
Aminda Suomalainen 36b6a99e85
chrony.d: local-servers: add notes + xleave to the first comment 2020-12-09 08:44:34 +02:00
Aminda Suomalainen 40d535f2c0
systemd/chrony.service.d/mullvad-exclude: actually fix this 2020-12-08 18:36:34 +02:00
Aminda Suomalainen f92b8d8d05
chrony.d/yggdrasil.conf: add y.Jolly-Roger 2020-12-06 19:49:12 +02:00
Aminda Suomalainen e27e88efd8
chrony.d: add hwtimestamp.conf 2020-12-06 19:26:04 +02:00
Aminda Suomalainen 4a25481db2
chrony/yggdrasil.conf: add Sedric 2020-12-06 18:36:23 +02:00
Aminda Suomalainen 5e94147e81
chrony.d/yggdrasil.conf: initial commit 2020-12-06 18:02:43 +02:00
Aminda Suomalainen 2a615d8241
chrony: note that confdir and NTS require 4.0 2020-12-03 10:52:47 +02:00
Aminda Suomalainen e9aefd711b
blocklist.conf: refuse blocked instead of nxdomain 
Only the Firefox DoH needs to be NXDOMAIN while REFUSE may be more
accurate for the rest.
 2020-11-21 12:13:55 +02:00
Aminda Suomalainen e7a6e00b83
unbound/dns-over-tls: comment Adguard & NextDNS for not being in FI 2020-11-15 09:46:50 +02:00
Aminda Suomalainen aadcc009a0
unbound/dns-over-tls.conf: add Adguard (unfiltered) & NextDNS 2020-11-12 16:12:18 +02:00
Aminda Suomalainen 3289a812ee
unbound: add dns-mullvad.conf (not encrypted) 
Contains Mullvad Wireguard, OpenVPN and public addresses
 2020-11-10 16:04:48 +02:00
Aminda Suomalainen 9536101263
resolv.csv: add BlahDNS DoH CDNs 
Just doh1, because it and doh2 resolve into the same addresses for me
and I don't want to add duplicate DoH field when only BlahDNS has two
differnt addresses for the same thing.
 2020-11-08 12:50:31 +02:00
Aminda Suomalainen 49d969822b
etc/resolv.csv: add BlahDNS 
Resolves: #85
 2020-11-04 12:56:48 +02:00
Aminda Suomalainen c302b10caf
chrony.d: restore log.conf 2020-11-01 11:57:57 +02:00
Aminda Suomalainen 07e8c52f3b
chrony.d/local-servers: remove duplicate line 
it's in README.md
 2020-11-01 11:36:30 +02:00
Aminda Suomalainen dced82b820
etc/chrony: break chrony.conf into README.md & chrony.d/ 2020-11-01 11:23:59 +02:00
Aminda Suomalainen 52458cc8aa
chrony.conf: add xleave for peer 2020-11-01 10:47:30 +02:00
Aminda Suomalainen 84a669f51f
chrony.conf: add note for Windows on nettime 2020-10-31 18:10:25 +02:00
Aminda Suomalainen c55e6b97e8
chrony.conf: comments for nmap and VPNs 2020-10-31 14:34:47 +02:00
Aminda Suomalainen 0c7038da14
systemd: systemd-resolved.service.d/unbound.conf: After unbound 2020-10-30 10:19:39 +02:00
Aminda Suomalainen fe83cbbb3a
systemd: add config for excluding Chrony from Mullvad 2020-10-30 08:04:58 +02:00
Aminda Suomalainen f878041e2e
unbound/dns-over-tls.conf: reverse order of providers 
It seems to have some (small?) relevance to where queries go to.
 2020-10-29 16:24:52 +02:00
Aminda Suomalainen 6e1f41533c
unbound/dns-over-tls.conf: comment the 443 appliedprivacy 
Thinking it a bit more, it's not useful to use their resources on
devices that practically never encounter blocked port 853.
 2020-10-29 13:22:19 +02:00
Aminda Suomalainen b03e00faaa
local/share/apps: add firejailed mirage (todo: test it) 2020-10-29 13:15:48 +02:00
Aminda Suomalainen c93034ba7f
unbound/dns-over-tls.conf: major cleanup 2020-10-29 13:15:23 +02:00
Aminda Suomalainen 8b04c26065
chrony.conf: add a peer comment for LOCALMACHINE.local 2020-10-27 10:35:09 +02:00
Aminda Suomalainen dc2ac02412
begin depulseaudioing 
https://wiki.archlinux.org/index.php/PulseAudio/Troubleshooting#No_sound_below_a_volume_cutoff_or_Clipping_on_a_particular_output_device
is too much for me. I expect to suffer this decision too though.

* i3: bind audio buttons to amixer (TODO: there are still pulse-specific
  shortcuts and no shortcut for any kind of a mixer. $TERMINAL
  alsamixer?)
* i3status: comment pulse to make it see alsa
* apt: pin pulseaudio to negative priority
 2020-10-26 17:21:39 +02:00
Aminda Suomalainen 9b197cbaed
chrony.conf: add a local server example 2020-10-26 07:34:10 +02:00
Aminda Suomalainen 258cf72ccb
chrony.conf: mark Cloudflare as a pool of 2 2020-10-25 19:46:36 +02:00
Aminda Suomalainen 9ae9856c0a
chrony.conf: mark Snopyta & Telia as pools with maxsources 3 2020-10-25 18:54:53 +02:00
Aminda Suomalainen 51080f52d8
chrony.conf: add comments on allowing lan access 2020-10-25 17:43:07 +02:00
Aminda Suomalainen b4ca31e6c6
chrony.conf: add DNA & Telia NTP servers 
Resolves: #83
 2020-10-25 17:22:59 +02:00
Aminda Suomalainen 4cebe7fbd5
chrony.conf: list NTP servers 
Ref: #83
 2020-10-25 12:44:53 +02:00
Aminda Suomalainen 993759577e
Bind systemd-resolved to Unbound 2020-10-25 09:05:07 +02:00
Aminda Suomalainen 73f273f4bb
etc/chrony: add small chrony.conf notes 2020-10-24 11:32:07 +03:00
Aminda Suomalainen d3e00fb1a3
xdg-applications: add firejailed appimage of chatterino 2020-10-24 09:11:14 +03:00
Aminda Suomalainen 1e70d7d4d7
etc/systemd-resolved&unbound: add Quad9 ECS configs 
Untested. The last time I saw the documentation, they didn't mention
DoT.
 2020-10-21 17:09:20 +03:00
Aminda Suomalainen 1467454284
hosts.append: prepend empty line 
It makes it easier to see where this begins in the appended /etc/hosts
 2020-10-21 15:18:03 +03:00
Aminda Suomalainen de7184794a
etc: add hosts.append for appending into hosts for systemd-resolved 2020-10-21 15:16:56 +03:00
Aminda Suomalainen ca4c85b7df
etc/resolv.csv: add Quad9 ECS 
The DoT address is guessed and verified to be open through nmap, as it's
not documented, I don't know surely that it's what it should.

DoH is mentioned in https://www.quad9.net/doh-quad9-dns-servers/

via https://gitlab.com/nitrohorse/ios14-encrypted-dns-mobileconfigs/-/issues/6
 2020-10-18 11:11:27 +03:00
Aminda Suomalainen cb5781044c
resolv.conf: add OpenDNS Family 2020-10-03 14:56:52 +03:00
Aminda Suomalainen 5f9cf10c68
resolv.csv: add Cleanbrowsing 2020-10-03 14:07:41 +03:00
Aminda Suomalainen 531abc1f42
resolv.csv: fix Cloudflare DoT address 2020-10-03 13:49:04 +03:00
Aminda Suomalainen 96d19d99cb
resolv.csv: add Cloudflare family, fill CF antimalware IPv6 2020-10-03 13:46:13 +03:00
Aminda Suomalainen 8241d0e695
resolv.csv: add AdGuard Family 2020-10-03 13:42:05 +03:00
Aminda Suomalainen ae533261ab
etc/resolv.csv restore Firefox addresses 2020-10-03 13:38:31 +03:00
Aminda Suomalainen 13a03812ba
resolv.conf: move resolvers to resolv.csv 2020-09-27 15:05:53 +03:00
Aminda Suomalainen 31a15a9abc
systemd-resolved & unbound: update AdGuard IPs 
Resolves: #81
 2020-09-27 14:34:54 +03:00
Aminda Suomalainen 09d7a87dfb
fix zaldaryn-r8168? 2020-09-03 19:39:34 +03:00
Aminda Suomalainen 6c2475676c
unbound.conf.d/dot-adguard.conf: fix SNI domain 2020-08-30 16:56:51 +03:00
Aminda Suomalainen edb259b1c8
unbound.conf.d: add dot-adguard.conf 2020-08-30 16:45:35 +03:00
Aminda Suomalainen cc965d4692
blocklist.conf: add empty line & incoming.telemetry.mozilla.org 2020-08-22 23:31:54 +03:00
Aminda Suomalainen 263f828550
unbound blocklist: add ssl.google-analytics.com 2020-08-20 19:30:47 +03:00
Aminda Suomalainen 94eace15e7
unbound/blocklist.conf: specify it's server clause 
Introduced by e4d18d47c5
 2020-08-20 18:38:37 +03:00
Aminda Suomalainen cabf7c570d
blocklist.conf: add [www.]google-analytics.com. 2020-08-20 18:33:51 +03:00
Aminda Suomalainen b5cafdeb90
unbound: the mass file is not a good idea? cut it? 2020-08-16 12:18:07 +03:00
Aminda Suomalainen e4d18d47c5
etc/.../unbound.conf: update for 1.11.0-1+ 2020-08-15 10:27:50 +03:00
Aminda Suomalainen cf8dc85ec0
systemd/timesyncd.conf.d: add cloudflare.conf 2020-08-09 10:51:36 +03:00
Aminda Suomalainen 82cf5e7742
systemd/resolved.conf.d: add generic NextDNS confs 2020-08-09 00:07:06 +03:00
Aminda Suomalainen c3f9205610
resolv.conf: fix nextdns addresses 2020-08-09 00:03:13 +03:00
Aminda Suomalainen bbbe4a2f04
resolv.conf: add Firefox DoH resolvers 
Excluding Comcast
 2020-08-08 20:06:39 +03:00
Aminda Suomalainen f58ba9424e
resolv.conf: more notes, hilight systemd-resolved, add DoH addresses 2020-08-08 19:44:08 +03:00
Aminda Suomalainen ca25fa1a66
sources.list: rm 16.04.archive.ubuntu.com 
I don't see enough difference compared to ubuntu.

Resolves: #78
 2020-08-07 15:58:54 +03:00
Mikaela Suomalainen 0be7388798
sources.list: add ubuntu 
Resolves: #77
 2020-08-07 10:40:22 +03:00
Aminda Suomalainen 73fb88e11d
systemd-resolved.conf.d: everywhere -> 00-everywhere 2020-07-24 12:16:31 +03:00
Aminda Suomalainen 8af19aab5e
resolv.conf: link to Mullvad issue while at it 2020-07-23 23:28:14 +03:00
Aminda Suomalainen 99cda3d7ed
resolv.conf: add a missing word 2020-07-23 23:27:37 +03:00
Aminda Suomalainen 7da5babc43
resolv.conf: add missing empty line 2020-07-23 22:59:53 +03:00
Aminda Suomalainen d3e1aaee30
resolv.conf: more systemd-resolved info 2020-07-23 22:52:32 +03:00
Aminda Suomalainen 6289837766
resolv.conf: note the systemd-resolved files 2020-07-23 22:43:04 +03:00
Aminda Suomalainen a8e9d7d81f
etc/resolv.conf: add option trust-ad 2020-07-20 23:11:55 +03:00
Aminda Suomalainen 69f55cd724
systemd/resolved: adguard-strict -> adguard-dot 2020-07-18 14:05:36 +03:00
Aminda Suomalainen 550b68d149
etc/systemd/resolved: add [adguard,cloudflare}-strict.conf 
I am not actually using either though and I am not sure if I will,
but maybe they are nice to have as a backup here just in case.
 2020-07-18 02:20:56 +03:00
Aminda Suomalainen b3cb953b9c
systemd/resolved: add a comment to everywhere.conf too 
as every other file explains who it is for, why not this
 2020-07-04 19:09:26 +03:00
Aminda Suomalainen 0ae22081a0
etc/systemd-resolved: rework all files more or less 
* explain things in README.md, don't duplicate comments
* opportunistic-insecure.conf should be used everywhere by default, so
  thus it's now everywhere.conf. However I am yet to test it does what
  I expect, so this is bad case of testing in production or after
  committing it in general.
 2020-07-04 19:06:18 +03:00
Aminda Suomalainen 7a73088beb
systemd/resolved.conf.d/quad9*.conf: enable SNI 2020-06-26 12:22:09 +03:00
Aminda Suomalainen bce9af0edd
resolved.conf: add quad9-compat.conf 2020-06-26 12:22:09 +03:00
Mikaela Suomalainen 507b9b15c7
etc/containers: add registries.conf example 
linking to source, it seems to be enough to get started with podman
 2020-05-27 11:01:08 +03:00
Mikaela Suomalainen 856085bd74
ssh_config: document ForwardAgent and ForwardX11... 
...Previously they were no without explanation, but it never hurts to
explicitly have comments on not doing that, I didn't quickly find
anything nice for ForwardAgent, but I remember the Matrix.org people
somehow avoiding hearing it and ForwardX11 first result was that
StackExchange.
 2020-05-22 14:36:26 +03:00
Mikaela Suomalainen d8d48508bd
ssh_config: update comments, add Includes 
Resolves: #69
 2020-05-22 14:29:37 +03:00
Aminda Suomalainen c2c27c8adb
local: add firejail-appimage-patchwork.desktop 2020-05-08 18:14:42 +03:00
Aminda Suomalainen 5226399637
grub.d: add quiet.cfg to remind me to not remove it 2020-04-08 19:24:22 +03:00
Aminda Suomalainen 1e08997ad5
etc/sources.list: add (Debian's) experimental 2020-03-30 18:12:16 +03:00
Aminda Suomalainen 6f2f986d2f
etc/fahclient/config.xml: let the slider be MEDIUM 2020-03-30 09:16:32 +03:00
Aminda Suomalainen d1fc83913b
systemd/user: add ipfs, transmission-daemon (from system) 2020-03-30 08:42:06 +03:00
Aminda Suomalainen b2dac44a64
etc: add fahclient/config.xml 2020-03-30 08:35:56 +03:00
Aminda Suomalainen d39ec4ccfe
grub.d/oldifnames.cfg: update comment 
I seem to be using it in multiple systems so I cannot say I don't
recommend it, when it's understood.
 2020-03-29 15:12:00 +03:00
Aminda Suomalainen 53944a0673
grub.d: add forcefsck.cfg 2020-03-29 15:11:48 +03:00
Aminda Suomalainen b217baaec9
systemd/system: update syncplay-server.service 
It never got the TLS flag apparently
 2020-03-27 18:02:34 +02:00
Aminda Suomalainen d71357613f
apt/preferences.d/limit-unstable: add unstable-debug repo 
It may be unhelpful to have debug symbols getting pulled from Unstable
while using packages from Testing or even Stable.
 2020-03-21 16:40:00 +02:00
Aminda Suomalainen 9d70aa8119
org.signal.Signal.desktop: rename to Signal Tray 2020-03-09 09:35:19 +02:00
Aminda Suomalainen 8fc2d8905c
etc/nginx/README.md: add future warning 2020-03-07 21:08:57 +02:00
Aminda Suomalainen 64d5fef6f3
ipfs.service: point to the new meta issue 2020-02-29 18:03:32 +02:00
Aminda Suomalainen b125fc1804
etc/systemd/resolved.conf.d: general.conf -> opportunistic-insecure.conf 2020-02-21 19:03:56 +02:00
Aminda Suomalainen 60cac14929
etc: add multi-user.cfg 2020-02-18 01:42:27 +02:00
Aminda Suomalainen 585266bc28
update pomotroid.desktop & add ipfs-desktop.desktop 
Pomotroid now stores data
 2020-02-13 20:17:39 +02:00
Aminda Suomalainen a3d7b0af22
etc/default/grub.d/lockdown.cfg: notes + lockdown=integrity comment 2020-02-13 02:03:52 +02:00
Aminda Suomalainen b770e356cb
etc/default/grub.d: add lockdown.cfg 2020-02-13 01:17:39 +02:00
Aminda Suomalainen 60899ca667
etc/sysctl.d: add kernel.yama.ptrace_scope = 1 2020-02-12 22:36:17 +02:00
Aminda Suomalainen 3e325cca03
etc/sysctl.d: add 00-local-userns.conf with warnings/rant 2020-02-12 22:00:11 +02:00
Aminda Suomalainen bd6488e0ed
etc/default/grub.d: nouveau.cfg -> itwjyg.cfg + more modules 2020-02-10 17:54:47 +02:00
Aminda Suomalainen fafc6fad62
etc/xdg/autostart: add pomotroid.desktop 
Resolves: #50
 2020-02-09 20:36:56 +02:00
Aminda Suomalainen 1a8c6fcd24
merge local/share/applications & etc/xdg/autostart 2020-02-09 20:35:54 +02:00
Aminda Suomalainen ee0038c568
add /etc/network/interfaces.d/eth0 2020-02-09 14:53:56 +02:00
Aminda Suomalainen 8472ffa7cd
NetworkManager: add manage-ifupdown.conf 2020-02-09 14:53:01 +02:00
Aminda Suomalainen 9177966264
etc/default/grub.d: -supposedly & modprobe r8168 2020-02-09 14:50:43 +02:00
Aminda Suomalainen da2f090f56
logind.conf.d/lidclose.conf: mention systemd-rfkill, ref: #51 2020-02-03 22:41:47 +02:00
Aminda Suomalainen d54ec98f99
NM/iwd.conf: add missing line (enable --now iwd) 2020-02-03 21:40:11 +02:00
Aminda Suomalainen d8740f54e1
NetworkManager/conf.d: add iwd.conf for replacing wpa_supplicant 2020-02-03 21:15:35 +02:00
Aminda Suomalainen c0399054bb
etc/systemd/login.conf.d/lidclose.conf: ignore lid close 2020-02-03 19:36:05 +02:00
Aminda Suomalainen a82e3fd989
etc/NetworkManager: add no-mac-randomizing.conf 2020-01-28 23:12:54 +02:00
Aminda Suomalainen b04c724b5b
etc/default/grub.d: add flags to disable hibernating 2020-01-19 13:47:33 +02:00
Aminda Suomalainen 2168bc47ed
apt/preferences.d: don't consider firefox/jami as badideas 2020-01-12 13:24:11 +02:00
Aminda Suomalainen 86cb1a02dc
etc/xdg/autostart: add com.github.wwmm.pulseeffects.desktop 2020-01-11 22:25:33 +02:00
Aminda Suomalainen e47568e178
etc/xdg/autostart: add Nextcloud.desktop 2020-01-11 22:24:23 +02:00
Aminda Suomalainen 5c6f66e5fc
etc/apt/preferences.d: add hacks/limit-buster 2020-01-11 22:11:25 +02:00
Aminda Suomalainen eabd12a26d
etc/apt/preferenced: move not-so-good-ideas to badideas/ 2020-01-11 21:43:52 +02:00
Aminda Suomalainen 31c53595f8
etc/apt/preferences.d: add limit-unstable from Wireguard 2020-01-11 21:41:09 +02:00
Aminda Suomalainen 3011004856
NetworkManager/conf.d: add no-resolvconf.conf 2020-01-11 21:05:05 +02:00
Aminda Suomalainen 346d726bb7
NetworkManager/unbound: note unbound-control-setup 2020-01-03 01:52:21 +02:00
Aminda Suomalainen 2df7887dda
NetworkManager/conf.d: add unbound.conf 
For Unbound which I generally use, even while it requires dnssec-trigger
 2020-01-02 15:32:50 +02:00
Aminda Suomalainen 6ae87b6de8
etc/default/grub.d: add oldifnames.cfg 
see comments of the file for reason
 2019-12-30 16:24:42 +02:00
Aminda Suomalainen 05ffc40c7d
xdg/autostart: add Mullvad-VPN gui 2019-12-28 19:27:52 +02:00
Aminda Suomalainen a6c5902c08
etc/default/grub: add random.trust_cpu=on 
Possibly some help to boot time entropy exhaustion, but it may have been
enabled by default already.
 2019-12-27 19:46:30 +02:00
Aminda Suomalainen b1f7177d7f
etc/xdg/autostart: add dino & jami 2019-12-24 16:58:45 +02:00
Aminda Suomalainen 4e640e3d50
etc/xdg/autostart: add Riot & -many to Telegram 2019-12-23 12:49:05 +02:00
Aminda Suomalainen bc46ad3119
torrc-client: add port 9119 for http 2019-12-23 12:48:33 +02:00
Aminda Suomalainen 0c4bacc1ca
etc/xdg/autostart: add Gajim & Signal 2019-12-21 18:54:02 +02:00
Aminda Suomalainen 7541d93206
dns-over-tls.conf: update BlahDNS-JP addresses 2019-12-01 12:48:02 +02:00
Aminda Suomalainen 10b1b8ad86
unbound/dot: fix outdated comment 2019-11-03 00:49:19 +02:00
Aminda Suomalainen 7b2c1568d1
unbound/dns-over-tls.conf: replace BlahDNS CH with FI 
Shutting down on December 31th https://blahdns.com/
 2019-11-03 00:15:59 +02:00
Aminda Suomalainen 4e93c66d67
systemd/resolved.conf.d/quad9: expand on versions 2019-11-02 18:37:12 +02:00
Aminda Suomalainen d062d6675c
unbound/blacklist.conf: Riot has fixed it's habits 
Integration manager and identity server can be configured in settings
 2019-10-16 15:01:48 +03:00
Aminda Suomalainen 5a1ed609ed
update etc/xdg/autostart/README.md 2019-10-12 19:02:45 +03:00
Aminda Suomalainen 64934af736
etc/xdg/redshift: add icon & chmod +x 2019-10-12 19:02:27 +03:00
Aminda Suomalainen a79e9d3c21
etx/xdg/auostart: add com.wire.WireDesktop & telegramdesktop 2019-10-12 19:00:58 +03:00
Aminda Suomalainen a482390118
etc/xdg/autostart: deprecate unnecessary ones 2019-10-12 18:46:23 +03:00
Aminda Suomalainen 1e636a65af
unbound/dns-over-tls.conf: enable BlahDNS over Yggdrasil 2019-10-08 20:52:41 +03:00
Aminda Suomalainen 077b1a7679
etc/NetworkManager: move relevant parts to conf.d/ 
I have no idea when I have previously looked into those two files (git
history would probably tell me), but I don't think they make much sense,
while the important parts can be cut into conf.d/ and applied
individually as needed.
 2019-10-04 20:18:32 +03:00
Aminda Suomalainen 16e66010a2
etc/NetworkManager: add conf.d and cp from Itwjyg 
Strangely Itwjyg is a special case system where I need systemd-resolved
and its opportunistic DNSSEC/DoT. I also accidentally forgot
dns-none.conf (then dns.conf) there, but systemd-resolved.conf appears
to have overridden it, so it was fine and I have now removed the extra
one.
 2019-10-04 20:10:27 +03:00
Aminda Suomalainen cb79fa283a
apt/preferences.d/firefox: add l10n 2019-09-24 21:57:54 +03:00
Aminda Suomalainen f1b6101afd
apt/preferences.d: pin firefox[-esr] from sid 2019-09-24 21:46:13 +03:00
Aminda Suomalainen bda94cac72
etc/nginx: remove / from the proxies 
while I still remember
 2019-09-18 17:40:00 +03:00
Aminda Suomalainen ee03a773c0
apt/preferences.d: add jami 2019-09-17 17:22:15 +03:00
Aminda Suomalainen bc9848185d
i2pd: increase tunnel lengths to 2 in hope of better NAT evading 2019-09-15 14:40:44 +03:00
Aminda Suomalainen b3dc6ced51
systemd: initial i2pd.service & .d/override.conf 
Begins #38
 2019-09-15 13:52:57 +03:00
Aminda Suomalainen b614486427
etc/nginx: more modern working configs from Relpda 2019-09-13 16:32:01 +03:00
Aminda Suomalainen 0ca2718569
unbound/blocklist.conf: use always_nxdomain, remove publicbt.com 2019-09-10 21:27:23 +03:00
Aminda Suomalainen 01cd9e7b45
etc/fstab: notes on encryption, tmpfs, cleanup 2019-09-10 00:21:48 +03:00
Aminda Suomalainen 541a4a4f15
etc/i2pd/tunnels.conf.d: add yggdrasil-in.conf 2019-09-09 14:40:09 +03:00
Aminda Suomalainen 0c70f41afc
unbound/blocklist: uncomment vector.im, add use-application-dns.net 
* Vector.im is the identity server that gets restored by itself and I
  don't seem to ever have any business to Vector.im website, while
  the other domains I need to visit at times.
* use-application-dns.net being NXDOMAIN tells Firefox to not send
  traffic to Cloudflare DoH. I thought of this when I saw the news and
  got courage to actually do this after seeing that DNSCrypt-proxy also
  does so.
 2019-09-07 14:42:15 +03:00
Aminda Suomalainen 91025d7129
etc/default/grub.d: merge mds.cfg into mitigations.cfg 
Ref: #33

Still missing documentation/comments
 2019-09-06 12:38:42 +03:00
Aminda Suomalainen f4f8b3f529
grub.d/{mitigations,nosmt}.cfg: initial commit 
TODO: documents

Ref: #34
 2019-09-06 01:17:32 +03:00
Aminda Suomalainen 47c7a3aca2
grub.d: add default-windows.cfg 
Resolves: #33
 2019-09-04 12:00:57 +03:00
Aminda Suomalainen 4b214b0e0f
etc/default/grub.d: add nouveau 2019-09-04 11:40:06 +03:00
Aminda Suomalainen c91b1b97a9
systemd/system: add unit file for etherpad-lite 
Closes: #27
 2019-08-29 13:10:55 +03:00
Aminda Suomalainen 319ae6c2bf
etc/modprobe.d/blacklist-hdmi-audio.conf: add source 2019-08-29 01:31:32 +03:00
Aminda Suomalainen 9bb1dbb301
etc/modprobe.d: blacklist snd_hda_codec_hdmi 2019-08-29 01:27:40 +03:00
Aminda Suomalainen 3f81f02bfd
etc/default/grub.d/sedric.cfg: acpi_backlight=vendor has no effect 2019-08-26 10:23:41 +03:00
Aminda Suomalainen 06c56bbc78
etc/default/grub.d: add mds.conf for mitigating mds CPU vuln 
Ref: #22
 2019-08-25 20:32:38 +03:00
Aminda Suomalainen 066c42717c
torrc-client: enable ClientPreferIPv6ORPort as my IPv6 works 2019-08-25 18:39:12 +03:00
Aminda Suomalainen 9bcd2d61c7
unbound/*dns64*: add Cloudflare 2019-08-25 18:27:11 +03:00
Aminda Suomalainen aa2c53349d
unbound/plain-dns64.conf: add Google DNS 2019-08-25 18:21:16 +03:00
Aminda Suomalainen 31aa6066b5
unbound/dns-over-tls.conf: don't mention forwards.conf 
I renamed it.
 2019-08-25 18:17:50 +03:00
Aminda Suomalainen 41644a9b65
unbound: add dns64-over-tls.conf (broken for now) 2019-08-25 18:16:51 +03:00
Aminda Suomalainen 6308c9af72
unbound: clean up plain-dns64.conf (only TREX for now) 2019-08-25 18:09:50 +03:00
Aminda Suomalainen 04658408d4
unbound: rename forwards.conf -> plain-dns64.conf 2019-08-25 18:07:28 +03:00
Aminda Suomalainen 3dc273fbe0
unbound: mention other files of interest in dot & add threads 2019-08-24 12:40:04 +03:00
Aminda Suomalainen 6274ed8e13
unbound/dot: add nic.cz & nixnet 2019-08-24 12:02:26 +03:00
Aminda Suomalainen 5462af3059
unbound/dot: add Lelux.fi 2019-08-24 11:57:42 +03:00
Aminda Suomalainen 7afaa57882
unbound/dot: add Snopyta 2019-08-24 11:55:22 +03:00
Aminda Suomalainen 4e4d19a765
unbound.conf.d/logging.conf: print statistics hourly 2019-08-20 18:05:19 +03:00
Aminda Suomalainen d7d252f98f
unbound/logging: add statistics printing 2019-08-20 17:41:43 +03:00
Aminda Suomalainen 2c3fe4a5df
unbound: enable IPv6 preferring 2019-08-20 12:49:19 +03:00
Aminda Suomalainen be7c4185eb
etc/unbound/dns-over-tls: comment Cloudflare 2019-08-20 11:49:37 +03:00
Aminda Suomalainen 56b5b905e2
fix github link, closes #16 2019-08-18 02:05:52 +03:00
Aminda Suomalainen 26624bcd5d
unbound.conf.d: increase TTL to 15 mins from 5 2019-08-17 21:06:01 +03:00
Aminda Suomalainen d539237fbf
unbound/blocklist.conf: add source 2019-08-17 13:43:11 +03:00
Aminda Suomalainen 057d42bafd
unbound/dns-over-tls.conf: fix typo 2019-08-17 13:40:39 +03:00
Aminda Suomalainen 914fe1d26c
unbound/dot: finish adding providers 
Ref: #15
 2019-08-17 13:37:02 +03:00
Aminda Suomalainen 410a02a968
unbound/dot: add securedns (both), dnswarden (adblock) 2019-08-17 13:23:28 +03:00
Aminda Suomalainen a5ccd88e70
unbound/dns-over-tls.conf: add server locations 
Ref: #15
 2019-08-17 12:34:03 +03:00
Aminda Suomalainen 596c18c0e0
etc/unbound: add blocklist.conf 
Closes: #13
 2019-08-17 12:16:53 +03:00
Aminda Suomalainen 601bd3ac86
unbound dot: alphabetical order 
Ref: #15
 2019-08-17 00:52:41 +03:00
Aminda Suomalainen 39493f3bf9
unbound dot: move things around 2019-08-17 00:26:36 +03:00